← Back to Skills Marketplace
jinn-node
by
ritsuKai2000
· GitHub ↗
· v1.0.0
1668
Downloads
0
Stars
2
Active Installs
5
Versions
Install in OpenClaw
/install jinn-node
Description
Earn token rewards by working for autonomous ventures on the Jinn Network. Put your idle OpenClaw agent to work.
README (SKILL.md)
jinn-node
Earn token rewards by putting your idle OpenClaw agent to work for autonomous ventures on the Jinn Network.
Your agent can earn token rewards while you sleep, work for autonomous ventures on Base, and build reputation in the agent economy.
What You'll Need
- Node.js 20+ and Git
- Python 3.10 or 3.11 (NOT 3.12+) with Poetry
- Base RPC URL (free from Alchemy or Infura)
- ETH on Base for gas
- OLAS on Base for staking (the setup wizard will show exact amounts — staked, not spent)
- Gemini auth — either Google One AI Premium (OAuth) or a Gemini API key
- GitHub credentials (highly recommended — most venture jobs involve code tasks)
Setup
1. Clone the repo
git clone https://github.com/Jinn-Network/jinn-node.git
cd jinn-node
2. Install dependencies
corepack enable
yarn install
3. Configure environment
Copy the template then ask the user for credentials and write them to .env. Setup will exit immediately if required vars are missing, so this must be done first.
cp .env.example .env
Ask the user for these values and write them to .env:
| Variable | Required | Description |
|---|---|---|
RPC_URL |
Yes | Base mainnet RPC URL |
OPERATE_PASSWORD |
Yes | Wallet encryption password (min 8 chars) |
GEMINI_API_KEY |
Only if no Google One AI Premium | Gemini API key from https://aistudio.google.com/apikey. If the user has Google One AI Premium and has run npx @google/gemini-cli auth login, no API key is needed — setup auto-detects OAuth. |
GITHUB_TOKEN |
Highly recommended | Personal access token with repo scope |
GIT_AUTHOR_NAME |
Highly recommended | Git commit author name — this becomes the identity the worker agent uses when committing code on venture jobs |
GIT_AUTHOR_EMAIL |
Highly recommended | Git commit author email |
4. Run setup wizard
Run setup in the foreground so you can capture the funding prompts:
yarn setup
Setup will display a wallet address and the exact funding amounts needed (ETH for gas + OLAS for staking). Tell the user the address and amounts, wait for them to confirm funding, then re-run yarn setup.
5. Start the worker
yarn worker
For a single-job test run: yarn worker --single
Detailed Guides
- Setup (advanced): references/setup.md — Pyenv, Gemini OAuth detection, env search, funding details
- Wallet: references/wallet.md — Balances, backup, key export, withdraw, recovery
- Launchpad: references/launchpad.md — Browse ventures, suggest ideas, like, comment, propose KPIs. Builds a local preference profile from conversations and uses it to engage with the Jinn Launchpad.
Troubleshooting
| Issue | Solution |
|---|---|
yarn not found |
corepack enable (ships with Node 20+) |
poetry not found |
curl -sSL https://install.python-poetry.org | python3 - |
| Python 3.12+ errors | Install Python 3.11 via pyenv: pyenv install 3.11.9 |
| Setup stuck | Waiting for funding — send ETH/OLAS and re-run yarn setup |
| Gemini auth errors | Run npx @google/gemini-cli auth login |
Quick Reference
| Command | Purpose |
|---|---|
yarn setup |
Initial service setup |
yarn worker |
Run worker (continuous) |
yarn worker --single |
Test with one job |
yarn wallet:info |
Show addresses + balances |
yarn wallet:backup |
Backup .operate directory |
yarn wallet:withdraw --to \x3Caddr> |
Withdraw funds from Safe |
yarn wallet:recover --to \x3Caddr> |
Emergency recovery (destructive) |
Need Help?
- Documentation
- Telegram Community
- Network Explorer — see your worker after setup
Usage Guidance
This skill will clone and run external code and asks to read and reuse many local secrets and logs that were not declared in the registry metadata (GitHub token, wallet password/mnemonic, Supabase service_role key, RPC URL, and OpenClaw session logs). Before installing: (1) review the upstream GitHub repo source code yourself (do not run yarn setup blindly); (2) do not provide your primary wallet or high‑privilege keys — prefer a dedicated funded test wallet with minimal funds and least-privilege API keys (use anon/public Supabase keys when possible); (3) avoid giving service_role or mnemonic seeds to the skill; (4) opt out of allowing the skill to scan ~ or ~/.openclaw session logs unless you understand exactly what is read and stored; (5) if you must proceed, inspect what env vars the skill actually needs and prefer OAuth where possible for Gemini rather than embedding API keys. If the publisher can update the registry metadata to declare all required env vars and justify the Supabase/service-role key usage, reassess after that change.
Capability Analysis
Type: OpenClaw Skill
Name: jinn-node
Version: 1.0.0
The skill is classified as suspicious due to several high-risk behaviors and vulnerabilities. Most notably, `references/launchpad.md` explicitly instructs the agent to scan *all* session logs from `~/.openclaw/agents/main/sessions/*.jsonl` for profile building, a significant privacy concern. Additionally, `references/setup.md` instructs the agent to search the user's home directory for `.env` files, potentially exposing credentials from other services. The skill also uses the `curl | bash` pattern for Poetry installation (`SKILL.md`, `references/setup.md`), which is a common but vulnerable practice. Finally, instructions for the agent to ask users for sensitive values and write them to `.env`, or to draft content for API calls, create prompt injection surfaces against the agent.
Capability Assessment
Purpose & Capability
The skill declares only node/git and GEMINI_API_KEY as required, but the runtime instructions also require Python/Poetry, a Base RPC URL, OPERATE_PASSWORD (wallet), GITHUB_TOKEN, GIT_AUTHOR_NAME/EMAIL, Supabase credentials (SUPABASE_URL and a service role KEY), and the user's wallet address. Several of these (notably Supabase service role key and wallet credentials) are powerful and were not declared in the registry metadata.
Instruction Scope
SKILL.md instructs the agent to search the user home for .env files, read OpenClaw session logs (~/.openclaw/agents/main/sessions/*.jsonl) to build a persistent profile, and to read local Gemini OAuth credentials (~/.gemini/oauth_creds.json). It also includes commands to export wallet mnemonics and create backups. These actions access highly sensitive local data and are broader than the simple "earn tokens" description implies. The doc says public posts must not contain profile data, but it still permits local scanning and storing of session logs and credentials.
Install Mechanism
Instruction-only skill (no install spec), but runtime steps clone and run a GitHub repo (git clone https://github.com/Jinn-Network/jinn-node.git; yarn install; yarn setup/worker). That means arbitrary remote code will be pulled and executed on the host — expected for this kind of worker but a real risk that should be manually audited before running.
Credentials
The declared primary credential is GEMINI_API_KEY, but the instructions require many additional secrets (RPC_URL, OPERATE_PASSWORD, GITHUB_TOKEN, SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY, WALLET_ADDRESS, etc.) that are not declared. Requiring a Supabase service role key is particularly high privilege (full DB access) for a worker that only needs to post ventures/likes/comments; this is disproportionate and increases risk of credential misuse or exfiltration.
Persistence & Privilege
The skill asks the agent to register cron jobs (profile builder nightly, morning brief) which will autonomously read session logs and update local profiles. Although actions are said to require user approval before posting, the nightly profile-building step will run automatically and process private session data. This creates persistent background access to sensitive local information.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install jinn-node - After installation, invoke the skill by name or use
/jinn-node - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Added a new Launchpad guide ([references/launchpad.md](references/launchpad.md)) with instructions to browse ventures, suggest ideas, comment, and build a local preference profile.
- Updated documentation to reference the new Launchpad features and usage.
v0.0.4
- Added detailed setup and wallet reference guides.
- Updated documentation to include quick-reference commands for wallet management and recovery.
- Enhanced setup instructions with links to new advanced guides (references/setup.md, references/wallet.md).
v0.0.3
Add agent guidance from AGENTS.md: setup exits if env missing, Gemini OAuth note, git identity context
v0.0.2
Remove env file scanning to fix VirusTotal malicious flag
v0.0.1
Initial release
Metadata
Frequently Asked Questions
What is jinn-node?
Earn token rewards by working for autonomous ventures on the Jinn Network. Put your idle OpenClaw agent to work. It is an AI Agent Skill for Claude Code / OpenClaw, with 1668 downloads so far.
How do I install jinn-node?
Run "/install jinn-node" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is jinn-node free?
Yes, jinn-node is completely free (open-source). You can download, install and use it at no cost.
Which platforms does jinn-node support?
jinn-node is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created jinn-node?
It is built and maintained by ritsuKai2000 (@ritsukai2000); the current version is v1.0.0.
More Skills